Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
File:                     pk-aIUfxp5IRyWIBilHj7aKCI2A.mft (raw, json)
Hash identifier:          LUpWURbfijfrQDOToIGimhM4SBUfqxClQk5OvF33exA=
Subject key identifier:   DF:F5:36:86:F6:24:D2:28:01:ED:1F:99:76:A6:18:8E:8B:34:6D:8A
Authority key identifier: A6:4F:9A:21:47:F1:A7:92:11:C9:62:01:8A:51:E3:ED:A2:82:23:60
Certificate issuer:       /CN=a64f9a2147f1a79211c962018a51e3eda2822360
Certificate serial:       019D329AD10B9A8B8606CEB851859CDD55F5
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
Manifest number:          23
Signing time:             Sat 28 Mar 2026 04:01:39 +0000
Manifest this update:     Sat 28 Mar 2026 04:01:39 +0000
Manifest next update:     Sun 29 Mar 2026 04:01:39 +0000
Files and hashes:         1: pk-aIUfxp5IRyWIBilHj7aKCI2A.crl (hash: Mk/TWPtzL274ERU0KK7tKEl0+FnxNUL5AXiEKEKOYCI=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sun 29 Mar 2026 00:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9d:32:9a:d1:0b:9a:8b:86:06:ce:b8:51:85:9c:dd:55:f5
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=a64f9a2147f1a79211c962018a51e3eda2822360
        Validity
            Not Before: Mar 28 04:01:39 2026 GMT
            Not After : Mar 29 04:01:39 2026 GMT
        Subject: CN=dff53686f624d22801ed1f9976a6188e8b346d8a
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:97:6e:b2:c8:00:fb:53:9e:f2:7e:85:5a:6a:f9:
                    41:af:28:81:58:51:29:ef:bf:92:fa:b9:2c:82:ff:
                    f3:c9:b3:0b:6f:8c:8f:3d:51:4c:f2:77:81:10:2b:
                    76:94:e0:db:86:15:12:c5:60:81:26:79:cf:2f:54:
                    61:a5:14:fa:43:06:5e:e2:29:ca:bd:e4:0c:24:b9:
                    7f:41:e7:a4:71:8c:07:c9:a9:e7:9a:d1:18:97:9f:
                    df:20:dc:51:14:16:5e:4b:c5:72:ad:af:9b:94:dc:
                    12:08:d5:5d:07:ce:50:13:29:67:e4:dc:6d:4d:f4:
                    44:88:3c:61:ec:e3:b7:4b:ca:fd:ac:f6:b8:d4:74:
                    3e:3d:fe:5f:e1:14:da:ad:22:7f:c8:b7:96:2a:4e:
                    cc:2d:52:31:bf:39:aa:46:8b:c6:01:9c:36:8b:d0:
                    48:77:4d:be:67:1b:51:28:eb:c3:00:16:8f:ca:13:
                    f9:82:c7:f2:44:89:b0:57:73:9f:7c:9d:0d:7b:1b:
                    72:74:ac:aa:bc:77:bc:01:5e:3e:86:bd:fb:cf:24:
                    95:21:96:7f:fd:ab:a9:a7:fe:d4:0f:0f:0c:d2:9c:
                    e2:ad:3b:a6:27:ba:eb:9f:85:da:1f:1a:27:eb:34:
                    bd:6b:2b:ca:f7:bd:37:b9:33:ce:0a:67:09:5d:02:
                    bc:b5
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                DF:F5:36:86:F6:24:D2:28:01:ED:1F:99:76:A6:18:8E:8B:34:6D:8A
            X509v3 Authority Key Identifier:
                keyid:A6:4F:9A:21:47:F1:A7:92:11:C9:62:01:8A:51:E3:ED:A2:82:23:60

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pk-aIUfxp5IRyWIBilHj7aKCI2A.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/7684c4-d4c4-4546-b555-8ebbc8769f84/1/pk-aIUfxp5IRyWIBilHj7aKCI2A.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         4b:df:43:19:71:1e:5d:64:1b:8d:c9:19:2a:29:d5:8d:ca:e4:
         17:13:88:2c:8f:f9:94:77:64:ae:7e:25:d7:9a:e4:f2:50:0f:
         60:7b:7a:ba:db:a3:54:ae:d0:2c:84:06:06:7f:6c:59:cd:e9:
         0f:4d:aa:1e:36:af:36:57:97:a6:7f:31:03:59:45:3b:ab:2e:
         5d:66:e0:54:4a:6b:bc:a0:f5:09:38:55:c0:3d:f6:66:3a:ca:
         99:5e:8e:3c:66:43:c9:ca:82:c2:58:cd:a5:6b:3f:52:3f:78:
         10:a0:a0:92:70:dd:13:33:b1:4f:31:3b:0d:c6:b8:b9:57:18:
         24:4d:ba:01:be:db:8d:bb:1c:b0:6e:77:dd:7c:96:ce:ba:99:
         45:ae:24:73:de:5c:75:bc:c1:a0:62:fc:77:27:fe:b1:9b:98:
         e4:6f:e4:fd:20:de:fc:ed:fd:86:6e:7d:a4:a6:9a:12:ff:2e:
         a1:be:9c:f0:60:50:12:40:24:70:fd:77:9b:a5:2f:4d:5e:ee:
         97:af:76:5a:3c:e5:94:5b:63:20:73:ca:96:da:c0:c3:c3:66:
         4c:53:f9:55:cd:4c:94:25:e9:fd:9b:b4:02:69:9a:0c:7b:86:
         d6:10:b6:6a:06:6b:28:5e:da:ce:d2:9f:d0:f6:f5:56:39:9d:
         3d:a5:fc:ec
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ0ymtELmouGBs64UYWc3VX1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NGY5YTIxNDdmMWE3OTIxMWM5NjIwMThhNTFlM2VkYTI4
MjIzNjAwHhcNMjYwMzI4MDQwMTM5WhcNMjYwMzI5MDQwMTM5WjAzMTEwLwYDVQQD
EyhkZmY1MzY4NmY2MjRkMjI4MDFlZDFmOTk3NmE2MTg4ZThiMzQ2ZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl26yyAD7U57yfoVaavlBryiBWFEp
77+S+rksgv/zybMLb4yPPVFM8neBECt2lODbhhUSxWCBJnnPL1RhpRT6QwZe4inK
veQMJLl/QeekcYwHyannmtEYl5/fINxRFBZeS8Vyra+blNwSCNVdB85QEyln5Nxt
TfREiDxh7OO3S8r9rPa41HQ+Pf5f4RTarSJ/yLeWKk7MLVIxvzmqRovGAZw2i9BI
d02+ZxtRKOvDABaPyhP5gsfyRImwV3OffJ0NextydKyqvHe8AV4+hr37zySVIZZ/
/aupp/7UDw8M0pzirTumJ7rrn4XaHxon6zS9ayvK9703uTPOCmcJXQK8tQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFN/1Nob2JNIoAe0fmXamGI6LNG2KMB8GA1UdIwQY
MBaAFKZPmiFH8aeSEcliAYpR4+2igiNgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS83Njg0YzQtZDRjNC00NTQ2LWI1NTUt
OGViYmM4NzY5Zjg0LzEvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS83Njg0YzQtZDRjNC00NTQ2LWI1NTUtOGViYmM4NzY5Zjg0
LzEvcGstYUlVZnhwNUlSeVdJQmlsSGo3YUtDSTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAS99DGXEe
XWQbjckZKinVjcrkFxOILI/5lHdkrn4l15rk8lAPYHt6utujVK7QLIQGBn9sWc3p
D02qHjavNleXpn8xA1lFO6suXWbgVEprvKD1CThVwD32ZjrKmV6OPGZDycqCwljN
pWs/Uj94EKCgknDdEzOxTzE7Dca4uVcYJE26Ab7bjbscsG533XyWzrqZRa4kc95c
dbzBoGL8dyf+sZuY5G/k/SDe/O39hm59pKaaEv8uob6c8GBQEkAkcP13m6UvTV7u
l692WjzllFtjIHPKltrAw8NmTFP5Vc1MlCXp/Zu0AmmaDHuG1hC2agZrKF7aztKf
0Pb1VjmdPaX87A==
-----END CERTIFICATE-----